Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    19-04-2024 01:19

General

  • Target

    f92f9526a002c5ded9caea59cbc71b0e_JaffaCakes118.exe

  • Size

    2.8MB

  • MD5

    f92f9526a002c5ded9caea59cbc71b0e

  • SHA1

    ee69348b8df5f96b54589907a06557ef73b9a2ce

  • SHA256

    9b702a74237fb3b50fa55b66d5785786037bc524e6fd716526191e80ac1a16aa

  • SHA512

    c8a45e870dde53841e6d5692b1151e730688e942434ebc7ed78a12b95407605bcc31c2e8d1ad4d48c26c0aaad5f98678d0de8c32370239b8a77849607f578c79

  • SSDEEP

    24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHE6pQPxQ2JyP2r5mJV91h:SCqm2Jpr0nNM7Dus7Nx2kCqm2Jpr0n1

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops desktop.ini file(s) 9 IoCs
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f92f9526a002c5ded9caea59cbc71b0e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f92f9526a002c5ded9caea59cbc71b0e_JaffaCakes118.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Drops file in Program Files directory
    PID:1936

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Program Files\7-Zip\7-zip32.dll.exe

    Filesize

    2.8MB

    MD5

    5d7774f31034d96e601cf99dd3e874f3

    SHA1

    166786a42fb400c657833e498b184b2c443e9ea2

    SHA256

    141a5c3c990db01050ae3f572d92a12af45aaac4b0a30a8efd0b87ec5d3650b0

    SHA512

    a1e2558eff27f7f4c9a2f4086c755a1200ecf547eb738d6ba89ed101b81241cb6ebcd098b7d1490834cb7c9b73ddc731240d7d81164e64faea5faa49a19dae55

  • memory/1936-0-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

  • memory/1936-1925-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

  • memory/1936-8031-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB